I recently found that when my workstation connects through a VPN connection, its SSH server can't be connected to from a remote site. I am sure it's a routing problem because the VPN client changes the default gateway to its peer (VPN server) of the ppp connection.

3 Answers

When you use a VPN, generally the VPN network takes over your entire interface such that you are only routable from somewhere on the VPN network, not the internet at large.
Most people solve this problem by running a VM (VirtualBox etc.) and connecting to the VPN in that virtual machine so that it doesn't completely hose the main connection on the actual machine.

You can do some routing tricks to route data from the VPN one way and other data the other way (different gateways etc.) but it's really just a lot easier to use VirtualBox. :-)
– Stu, Oct 17 '11 at 18:38

Thanks for the suggestion! I'd like to know what routing trick can achieve this.
– btw0, Nov 12 '11 at 16:03

You're talking split tunneling.
If you're familiar enough with the command-line ROUTE.EXE tool, you may be able to examine the routes placed by the VPN client, and remove them. You'd then re-add one to allow just the traffic to your corporate LAN to flow through the VPN gateway.

Specifically, you'd use

route print

...to get a list of the routing entries. Without seeing the output, it sounds like your VPN client would have placed a default (0.0.0.0) entry with the gateway being the VPN peer gateway.
You can use

route delete 10.*

...for example, to delete all entries pointing to a 10.x.x.x network.

You can then use

route add 10.0.0.0 mask 255.0.0.0 10.0.99.99

...where the first address (10.0.0.0 255.0.0.0) is your corporate network and mask, and the second address is the remote gateway.

You would need to run this each time you connect, so you may want to script it.

Side note: an alternative would be to convince your company to set up their VPN to use split tunneling; an argument for this is reduced bandwidth, and (IANAL) reduced liability for non-corporate web traffic flowing through their network.
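
The steps in the answer above collected into one script, as an added example that is not part of the original answer. It goes slightly beyond the answer's `route delete 10.*` by deleting every route whose gateway is the VPN peer (including a 0.0.0.0 default, if the client placed one). It assumes the five-column "Active Routes" layout of `route print -4` and that the VPN's routes list the peer address as their gateway; the function name `Get-Ipv4Route` is hypothetical, and the addresses are the sample values from the answer.

```powershell
#Requires -RunAsAdministrator
# Added example: re-apply split-tunnel routes each time the VPN connects.
# The defaults are the sample addresses used in the answer above.
param(
    [string]$CorpNetwork = '10.0.0.0',   # corporate network
    [string]$CorpMask    = '255.0.0.0',  # corporate netmask
    [string]$VpnGateway  = '10.0.99.99'  # remote (VPN peer) gateway
)

function Get-Ipv4Route {
    # Turn the "Active Routes" rows of `route print -4` into objects.
    param([string[]]$Lines)
    foreach ($line in $Lines) {
        $f = -split $line
        # Active-route rows have five columns and start with a dotted quad;
        # the four-column "Persistent Routes" rows are skipped on purpose.
        if ($f.Count -eq 5 -and $f[0] -match '^\d+(\.\d+){3}$') {
            [pscustomobject]@{
                Destination = $f[0]; Mask = $f[1]; Gateway = $f[2]
                Interface   = $f[3]; Metric = $f[4]
            }
        }
    }
}

# Find the entries the VPN client placed (assumption: gateway == VPN peer).
$viaVpn = @(Get-Ipv4Route (route.exe print -4) |
    Where-Object { $_.Gateway -eq $VpnGateway })
if ($viaVpn.Count -eq 0) {
    Write-Warning "No route uses gateway $VpnGateway. Is the VPN connected?"
    return
}

foreach ($r in $viaVpn) {
    # Naming the gateway targets the VPN's entry, so a default route
    # through the local gateway with the same destination is left alone.
    Write-Host "Deleting $($r.Destination) mask $($r.Mask) via $($r.Gateway)"
    route.exe delete $r.Destination mask $r.Mask $r.Gateway
}

# Send only corporate traffic through the VPN gateway.
route.exe add $CorpNetwork mask $CorpMask $VpnGateway

# Show the resulting table so the change can be checked.
route.exe print -4
```

If the VPN's default route shows `On-link` instead of the peer address in the Gateway column, the script matches nothing and stops with the warning rather than touching the table.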